Facebook says it knows who was behind the massive spam attack on the social network this week--although it isn't naming them--and it intends to take legal action against them.

In a statement released to media outlets, Facebook said that its dedicated enforcement team "has already identified those responsible and is working with our legal team to ensure appropriate consequences follow."

Those familiar with Facebook's history with spammers know that the socnet doesn't make idle threats when it comes to junco artists. It pursued one spam king, Sanford Wallace, for two years before winning an indictment against him earlier this year.

Sanford WallaceThe indictment accused Wallace of flooding Facebook with 27 million spam messages in 2008 and 2009. It also said that the junk czar used phishing attacks to steal usernames and passwords from victims and used the stolen credentials to post spam to victims' walls.

Because a threat to take down Facebook was made earlier this year by some members of the hacker collective Anonymous, its name initially surfaced as a possible perpetrator of the attack. That's unlikely, however, not only because the group called off its action against Facebook scheduled for Nov. 5, but using shock spam in an attack just isn't its style.

This Week's Spam Attack

The spam attack on Facebook began early this week when many Facebook users began seeing pornographic and shock spam appearing in their news feeds without any knowledge of how they got there. After some delay, Facebook finally acknowledged that the attacks had taken place.

The social network has an impressive security scheme in place. The Facebook Immunity System (FIS), which analyzes 650,000 actions a second, has done a good job of protecting social networkers from malicious and annoying activity directed at their accounts, but it has its flaws.

That deluge was based on tricking members into pasting JavaScript code into the address bar of their browsers. The code caused a member to share offensive material with their friends.

While praising Facebook's action in cleaning up the mess, one secure browser maker added that problems with self-inflicted JavaScript infections persist on the network. "Facebook has cleaned up most of the offensive content from in the recent campaign," noted Mike Geide at the Zscaler blog. "But doing some specific searches I was able to find some examples of this self-inflicted JS injection technique being used on Facebook."

"The most common case, are Facebook groups that ask you to join and then enter in some JS into your URL bar," he added.